Failure Recovery
description
Transcript of Failure Recovery
![Page 1: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/1.jpg)
1
Failure Recovery
IntroductionUndo LoggingRedo Logging
Source: slides by Hector Garcia-Molina
![Page 2: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/2.jpg)
2
Integrity or correctness of data
Would like data to be “accurate” or“correct” at all times
EMP Name
WhiteGreenGray
Age
523421
1
![Page 3: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/3.jpg)
3
Integrity or consistency constraints Predicates data must satisfy Examples:
x is key of relation R x y holds in R Domain(x) = {Red, Blue, Green} is valid index for attribute x of R no employee should make more than
twice the average salary
![Page 4: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/4.jpg)
4
Definition:
Consistent state: satisfies all constraints
Consistent DB: DB in consistent state
![Page 5: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/5.jpg)
5
Constraints (as we use here) may not capture “full
correctness”Example 1 Transaction constraints When salary is updated,
new salary > old salary When account record is deleted,
balance = 0
![Page 6: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/6.jpg)
6
Note: could be “emulated” by simpleconstraints, e.g.,
accountAcct # …. balancedeleted?
![Page 7: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/7.jpg)
7
Example 2 Database should reflect real world
DBReality
Constraints (as we use here) may not capture “full
correctness”
![Page 8: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/8.jpg)
8
in any case, continue with constraints...Observation: DB cannot be consistent
always!Example: a1 + a2 +…. an = TOT (constraint)
Deposit $100 in a2: a2 a2 + 100TOT TOT + 100
![Page 9: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/9.jpg)
9
a2
TOT
.
.50
.
.1000
.
.150
.
.1000
.
.150
.
.1100
Example: a1 + a2 +…. an = TOT (constraint)Deposit $100 in a2: a2 a2 + 100
TOT TOT + 100
![Page 10: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/10.jpg)
10
Transaction: collection of actions
that preserve consistency
Consistent DB Consistent DB’T
![Page 11: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/11.jpg)
11
Big assumption:
If T starts with consistent state + T executes in isolation
T leaves consistent state
![Page 12: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/12.jpg)
12
Correctness (informally)
If we stop running transactions,DB left consistent
Each transaction sees a consistent DB
![Page 13: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/13.jpg)
13
How can constraints be violated?
Transaction bug DBMS bug Hardware failure
e.g., disk crash alters balance of account
Data sharinge.g.: T1: give 10% raise to programmers
T2: change programmers systems analysts
![Page 14: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/14.jpg)
14
How can we prevent/fix violations?
Chapter 17: due to failures only Chapter 18: due to data sharing only Chapter 19: due to failures and
sharing
![Page 15: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/15.jpg)
15
Will not consider:
How to write correct transactions How to write correct DBMS Constraint checking & repair
That is, solutions studied here do not need
to know constraints
![Page 16: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/16.jpg)
16
Chapter 17: Recovery
First order of business:Failure Model
![Page 17: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/17.jpg)
17
Events Desired Undesired Expected
Unexpected
![Page 18: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/18.jpg)
18
Our failure model
processor
memory disk
CPU
M D
![Page 19: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/19.jpg)
19
Desired events: see product manuals….
Undesired expected events:System crash
- memory lost- cpu halts, resets
Undesired Unexpected: Everything else!
that’s it!!
![Page 20: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/20.jpg)
20
Examples: Disk data is lost Memory lost without CPU halt CPU implodes wiping out universe….
Undesired Unexpected: Everything else!
![Page 21: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/21.jpg)
21
Is this model reasonable?
Approach: Add low level checks + redundancy to increase
probability model holds
E.g., Replicate disk storage (stable store)
Memory parity CPU checks
![Page 22: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/22.jpg)
22
Second order of business:
Storage hierarchy
Memory Disk
x x
![Page 23: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/23.jpg)
23
Operations:
Input (x): block containing x memory Output (x): block containing x disk
Read (x,t): do input(x) if necessary t value of x in block
Write (x,t): do input(x) if necessary value of x in block t
![Page 24: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/24.jpg)
24
Key problem Unfinished transaction
Example Constraint: A=B T1: A A 2 B B 2
![Page 25: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/25.jpg)
25
T1: Read (A,t); t t2Write (A,t);Read (B,t); t t2Write (B,t);Output (A);Output (B);
A: 8B: 8
A: 8B: 8
memory disk
1616
16
failure!
![Page 26: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/26.jpg)
26
Need atomicity: execute all actions of a transaction or none at all
![Page 27: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/27.jpg)
27
One solution: undo logging (immediate
modification)
due to: Hansel and Gretel, 782 AD
Improved in 784 AD to durable undo logging
![Page 28: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/28.jpg)
28
T: Read (A,t); t t2 A=B
Write (A,t);Read (B,t); t t2Write (B,t);Output (A);Output (B);
A:8B:8
A:8B:8
memory disk log
Undo logging (Immediate modification)
16
<T, start>
<T, commit>16 <T, B, 8>
16
<T, A, 8>
16
![Page 29: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/29.jpg)
29
One “complication”
Log is first written in memory Not written to disk on every action
memory
DB
Log
A: 8 16B: 8 16Log:<T,start><T, A, 8><T, B, 8>
A: 8B: 8
16BAD STATE
# 1
![Page 30: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/30.jpg)
30
One “complication”
Log is first written in memory Not written to disk on every action
memory
DB
Log
A: 8 16B: 8 16Log:<T1,start><T1, A, 8><T1, B, 8><T1, commit>
A: 8B: 8
16BAD STATE
# 2
<T, B, 8><T, commit>
...
![Page 31: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/31.jpg)
31
Undo logging rules
(1) For every action generate undo logrecord (containing old value)
(2) Before x is modified on disk, logrecords pertaining to x must beon disk (write ahead logging:
WAL)(3) Before commit is flushed to log, all
writes of transaction must bereflected on disk
![Page 32: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/32.jpg)
32
Recovery rules: Undo logging
(1) Let S = set of transactions with<T, start> in log, but no<T, commit> (or <T, abort>) record in
log(2) For each <T, X, v> in log,
in reverse order (latest earliest) do:
- if T S then
- write (X, v) - output (X)
(3) For each T S do
- write <T, abort> to log
![Page 33: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/33.jpg)
33
What if failure during recovery?No problem! Undo idempotent
![Page 34: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/34.jpg)
34
To discuss:
Redo logging Undo/redo logging, why both? Real world actions Checkpoints Media failures
![Page 35: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/35.jpg)
35
Redo logging (deferred modification)
T: Read(A,t); t t2; write (A,t); Read(B,t); t t2; write (B,t);
Output(A); Output(B)
A: 8B: 8
A: 8B: 8
memory DB LOG
16<T, start>
output16
16 16<T, commit><T, B, 16><T, A, 16>
![Page 36: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/36.jpg)
36
Redo logging rules
(1) For every action, generate redo logrecord (containing new value)
(2) Before X is modified on disk (DB),all log records for transaction that
modified X (including commit) must be on disk
(3) Flush log at commit
![Page 37: Failure Recovery](https://reader035.fdocuments.in/reader035/viewer/2022062314/56814aeb550346895db7fa5c/html5/thumbnails/37.jpg)
37
(1) Let S = set of transactions with<T, commit> in log
(2) For each <T, X, v> in log, in forward order (earliest latest) do:
- if T S then Write(X, v) Output(X)
optional
Recovery rules: Redo logging